OpenClaw Watch
Review
Audited by ClawScan on Mar 15, 2026.
Overview
The skill's behavior mostly matches a local security helper, but the runtime instructions direct the agent to fetch and execute code from the network (npx @latest), which contradicts the SKILL.md's '100% local' claim and creates supply-chain risk.
This SKILL.md describes a useful local security helper, but it instructs the agent to run `npx openclaw-watch@latest`, which will download and execute code from the npm registry, contradicting the '100% local' claim and creating supply-chain risk. Before installing or following these commands:
(1) prefer a pinned package version (not @latest) and ask for a checksum or signed release (e.g., GitHub release tarball + SHA256);
(2) request the maintainer's package source (npm package contents or repo) and review the code or have it audited;
(3) run any initial execution in a sandbox/container or isolated CI runner;
(4) avoid automatic broadcasting of 'I scanned X, all clear' unless you trust the scanner and verify findings yourself;
(5) if you want fully offline operation, ask the publisher for an offline installation artifact and instructions.
If the author can provide a bundled package (or an install spec with pinned version and hash) and proof that no network fetch is required, the risk would be materially lower.
